AU-9(6): Read Only Access

Control Family:

Audit And Accountability

Parent Control:

AU-9: Protection Of Audit Information

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.PT-1

Threats Addressed:

Tampering

Baselines:

(Not part of any baseline)

Next Version:

NIST Special Publication 800-53 Revision 5:
AU-9(6): Read-only Access

Control Statement

The organization authorizes read-only access to audit information to [Assignment: organization-defined subset of privileged users].

Supplemental Guidance

Restricting privileged user authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users (e.g., deleting audit records to cover up malicious activity).